the unofficial HackerOne disclosure timeline.

X
b'Mobile Vikings' disclosed a bug submitted by b'4lemon' 
b'Reflected xss in user name thru cookie'
04 Mar 2015 timeline
b'Mobile Vikings' disclosed a bug submitted by b'4lemon' 
b'Stored xss in user name'
04 Mar 2015 timeline
wont-fix
b'Mobile Vikings' disclosed a bug submitted by b'4lemon' 
b'Stored xss in user name (2) affected another user.'
04 Mar 2015 timeline
b'Mobile Vikings' disclosed a bug submitted by b'4lemon' 
b'Username and sim id enum'
04 Mar 2015 timeline
wont-fix
b'Mobile Vikings' disclosed a bug submitted by b'4lemon' 
b'Approve topup method by sender of this method'
04 Mar 2015 timeline
b'PHP' disclosed a bug submitted by b'andreapalazzo' 
b"SoapClient's __call() type confusion through unserialize()"
03 Mar 2015 timeline
b'Vimeo' disclosed a bug submitted by b'fin1te' 
b'Ability to Download Music Tracks Without Paying (Missing permission check on`/musicstore/download`)'
01 Mar 2015 timeline
b'The Internet' disclosed a bug submitted by b'dirtybit' 
b'Bad Write in TTF font parsing (win32k.sys)'
01 Mar 2015 timeline
b'Vimeo' disclosed a bug submitted by b'dotspoted' 
b'Serious Vulnerability Found'
27 Feb 2015 timeline
wont-fix
b'itBit Exchange' disclosed a bug submitted by b'zoczus' 
b'Notification Emails: IP + Content-Spoofing '
27 Feb 2015 timeline
b'itBit Exchange' disclosed a bug submitted by b'4lemon' 
b'Unsecure data in "device" response - OTP'
27 Feb 2015 timeline
b'HackerOne' disclosed a bug submitted by b'siddiki' 
b'Team member invitations to sandboxed teams are not invalidated consistently (v2)'
27 Feb 2015 timeline
b'PHP' disclosed a bug submitted by b'ryat' 
b'Use after free vulnerability in unserialize() with DateTimeZone'
27 Feb 2015 timeline
b'99designs' disclosed a bug submitted by b'pranav_hivarekar' 
b"CSRF to connect attacker's twitter account to logged in victims account"
26 Feb 2015 timeline
b'Greenhouse.io' disclosed a bug submitted by b'fransrosen' 
b'Subdomain Takeover using blog.greenhouse.io pointing to Hubspot'
26 Feb 2015 timeline
b'Vimeo' disclosed a bug submitted by b'tfairane' 
b'Vimeo.com Insecure Direct Object References Reset Password'
26 Feb 2015 timeline
b'Vimeo' disclosed a bug submitted by b'avlidienbrunn' 
b'Adding profile picture to anyone on Vimeo'
26 Feb 2015 timeline
b'HackerOne' disclosed a bug submitted by b'danlec' 
b'CSP Bypass: Click handler for links with data-method="post" can cause authenticity_token to be sent off domain'
26 Feb 2015 timeline
b'Todoist' disclosed a bug submitted by b'cliffordtrigo' 
b'Taking over a Business Account Admin'
26 Feb 2015 timeline
b'Todoist' disclosed a bug submitted by b'cliffordtrigo' 
b'Remotely removing credit cards from business accounts!'
26 Feb 2015 timeline
1 ... 724 725 726 727 728 ... 765
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM